Mahan Air, one of Iran’s largest airlines, has been hit by a cyberattack. The cyberattack caused operations to go offline and led to a possible data breach or data loss. The firm announced the cyberattack on Twitter, though dealing with hackers is not uncommon for Mahan Air’s IT security teams. Customers are unable to access […]
IKEA has been caught in the middle of a destructive phishing campaign, where hackers are targeting employees in internal phishing attacks which make use of stolen reply-chain emails. A reply-chain email attack is when threat actors steal legitimate corporate emails and then reply to them with links to malicious documents that install malware on recipients’ […]
The Flubot banking trojan is actively attacking countries in Northern Europe, spreading via Android phones that are sending millions of malicious text messages. The attacks are mostly occurring in Finland. Last week, the National Cyber Security Centre (NCSC-FI) at the Finnish Transport and Communications Agency disclosed a “severe” alert about rising Flubot malware infections. Once […]
The Federal Bureau of Investigation (FBI) has disclosed that a Cuban ransomware gang has breached 49 organizations from US critical infrastructure sectors. “The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, […]
Hackers are using an Internet Information Services (IIS) webserver module dubbed “Owowa,” on Exchange Outlook servers with the aim of stealing credentials and enabling remote code execution. “Owowa is a C#-developed .NET v4.0 assembly that is intended to be loaded as a module within an IIS web server that also exposes Exchange’s Outlook Web Access […]
Flagpro Malware is being used against Japanese companies by cyber-espionage hacker group BlackTech. BlackTech uses Flagpro Malware in the initial stage of an attack to conduct network reconnaissance. Using Flagpro Malware in this way, BlackTech aims to evaluate the target’s environment and download additional malware to the network. The attack vector starts with a phishing […]
Joker Malware, the bane of Google Play, has resurfaced on the app store disguised as an application called Color Message. The app was downloaded more than 500,000 times before Google removed it. Users are advised to delete Color Message immediately, researchers at Pradeo Security warned. Joker Malware is a persistent threat that’s been active on […]
Purple Fox Malware is making the rounds by using a malicious Telegram For Desktop installer, which is further used to install additional malware payloads on infected devices. The malicious installer is compiled in a script named “Telegram Desktop.exe” that drops two files – the malicious downloader and an actual Telegram installer. The legitimate installer is […]
A new spear phishing attack vector emerged in December 2021, which saw hackers abusing the commenting feature of Google Docs to send emails that appear trustworthy. Google Docs is widely used by employees collaborating or remotely working, so recipients of said emails are familiar with these notifications. Google’s own security systems are being tricked into […]
The National Health Service (NHS) in the UK has issued an alert warning of an unknown gang of hackers targeting VMware Horizon deployments with Log4j vulnerabilities. Log4Shell is an exploit within Apache Log4j 2.14, and is classed as vulnerability CVE-2021-44228. The Log4j vulnerabilities have seen high activity since December 2021. Apache has addressed the […]